With the progress of network and digital information technology, an intranet has been an effective communication link among all members and departments in an enterprise organization to exchange important information or documents among members. However, data exchange in the intranet results in a lot of risks, such as: data stealing and virus spreading. As a result, enterprise must establish multiple security management systems in network environment, such as a firewall or an antivirus program, to avoid intentional data stealing or virus spreading. However, some loopholes still exist in the security management systems in the prior art, which is inevitable to cause information leakage due to the improper human operation, intentional data stealing or hacker attack in the intranet.
Therefore, enterprises usually establish additional internal security management system that manages the tasks of computers by distributed and complicated manual operation to verify information through complicated verifying operation. However, this type of security system lacks integrate ability to effectively detect the problematic nodes. That causes, when the security management system found a computer anomalous, the problem has happened for a period of time such that the position of the abnormal computer is unable to be quickly found by the late analysis to the statuses of computers in each sections. Furthermore, in terms of information management, the manager of the security management system is required to manually configure the privilege for all kinds of documents according to the content of document, which will cause an unexpected delay if the manager fails to timely configure the privilege because of enormous amount of secret document. Therefore, the prior internal security management systems are found with a plenty of flaws needed to be improved.